What is antivirus?
Antivirus solutions are software tools to detect malicious software like viruses, worms, and trojan horses. Most antivirus software provides an option to place a detected malware specimen in quarantine or delete the infected file. The scan engine used by most vendors rely heavily on signatures and heuristic analysis. Signatures are like partial fingerprints and are used to see if a file is possibly infected. Heuristic analysis is a method to detect unknown malware by using sandbox technology or decompiling binary code.
The following security tools are linked to antivirus and are worth investigating.
- Malice (VirusTotal clone)
- Malscan (malware scanner for web servers)
- Samba-VirusFilter (antivirus plugin)
- Veil Framework (Metasploit payload generator)
- YARA (malware identification and classification)